Human Risk Management Conference
Each year, HRMCon brings together cybersecurity thought leaders and practitioners to present a half-day virtual conference geared toward continuously evolving the power of behavior change in mitigating risks.
HRMCon 2023: Risky Business
Sessions On Demand
Let's face it, we've all experienced the frustration of being stuck in customer service hell, waiting for hours on end to get the help we need. But what happens when employees seek cybersecurity help and guidance, only to be met with an information black hole? Is your security team seen as a group of trolls in the basement, unapproachable and unhelpful? It's time to change that perception.
In this session, Sunette Runhaar, Insider Threat Awareness Lead at Uber, will explore the often-overlooked topic of employee experience in security awareness programs. She will delve into how internal processes can either help or hinder an organization's security culture, and share insights on how to build trust between the security team and the workforce.
This session takes you on a journey that combines the power of emotions and cognitive bias with threat intelligence to create meaningful cybersecurity connections and behavioral changes across your organization. Ashley Chackman, Cybersecurity Specialist with Ciena, and doctoral candidate and cybersecurity expert Dustin S. Sachs share how cognitive bias, emotion, user experience, and behavioral science can drive real cybersecurity change in your teams. You'll leave with practical tactics to immediately put to work in your own cybersecurity practices.
Twice, Kathryn Glynn has created sustainable, 25-person Ambassador programs for zero dollars by tapping into the passion and skills of team members outside of the cybersecurity team. By giving team members the opportunity to contribute to the security of the company, they'll feel more invested in its success and more connected to the cybersecurity team. Kathryn previously created a successful program at Oshkosh Corporation and currently heads the Ambassador program at Kimberly-Clark, so she's lived this.
All cybersecurity technology was a ground-breaking innovation at one point: DLP, IPS, IDS, 2FA. How did cybersecurity professionals make the case for new technology in the past, and what can we learn from it? Panelists Rinki Sethi, CISO for bill.com, and Martijn Verbree, National Cyber Lead at KPMG Australia, each bring over 20 years of experience in the cybersecurity industry, and have been at the forefront of some of the most groundbreaking technology solutions over the years. So how have they successfully convinced CISOs to adopt new technology and innovative solutions in the past? Learn how they have navigated the complexities of cybersecurity sales, and how they have made the business case for new technologies that are now ubiquitous.
Join us for the cybersecurity mock trial of the year, where we shine a spotlight on the age-old debate on whether phishing simulations are an effective tool for improving cybersecurity or if they do more harm than good. Our courtroom drama will feature a heated debate between plaintiff Charisse Castagnoli and defendant Jenny Hedderman, with Allan Alford as the judge presiding over the case, and Nicole Thibault as expert witness. Our judge will listen to both sides of the argument and provide a fair and impartial verdict. Come witness the drama and join the discussion on the future of phishing simulations in cybersecurity.
Speakers
Co-Founder and CSO
With a Bachelor of Science in Cybersecurity and a CISSP, Drew has a passion for building security programs and reducing risk. He's worked with institutions in the government, private and public sectors. His specialty lies in understanding human behaviors and how emotions impact everyday decisions, and he uses this knowledge to help organizations craft security awareness programs with impact. Having spent 8 years in the military, Drew is a patriot and loves exploring his new home in Austin, Texas. He's also the creative mind behind many of the puzzles, games, and content for Living Security.
Co-Founder and CEO
As the CEO and Co-founder of Living Security, Ashley Rose is the driving force behind Living Security’s push to lead the Human Risk Management industry. She has successfully raised more than $25 million in funding to scale the business, pivoted the company from solely in-person training to a fully digital platform, and has led the company to be named an industry leader in the Forrester Wave. She co-founded Living Security based on the philosophy that empowering people is the best approach to lasting security behavior changes and breach prevention. She is an industry thought leader, sharing her unique perspective on the evolution of cybersecurity with various publications including Forbes, TechRepublic, Dark Reading, Security Magazine, CyberWire, and Cybersecurity Ventures.
CISO
Chris is considered one of the world’s foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He’s the CISO for Boom Supersonic and works as an advisor for several entities worldwide. His most recent projects are focused within the aerospace, deception, identity, cryptography, Artificial Intelligence, and services sectors. Since the late 90s, Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Over the years, he’s founded or worked with several folks specializing in OSINT/SIGINT/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he’s working on spreading the risk, maturity, collaboration, and communication word across the industry.
CISO, Podcaster, President
With 20+ years in information security, Allan has served as CISO five times in four industries, with a strong history in technology, manufacturing, telecommunications, litigation, and education. Allan parlayed an IT career into a product security career and then ultimately fused the two disciplines. This unique background means that Allan approaches the CISO role with a highly business-aligned focus and an understanding of an organization's greater goals, drivers, methods, and practices.
Allan has led security functions in companies from 5 to 50,000 employees and executes a risk-based approach to security, as well as compliance with many frameworks. Allan hosts The Cyber Ranch Podcast.
eCommerce, Cyber, Privacy Attorney
Cybersecurity Awareness Specialist
Ashley is a driving force behind behavior change, occupying the role of lead for Security Training Awareness and Communication at Ciena. She spearheads the strategy and implementation of the global Security Awareness program. Drawing from her 10-year tenure in the technology and public sectors, Ashley has come to recognize the significance of helping people comprehend the “why” behind initiatives to inspire real change, rather than simply inundating them with technology or security tools. Presently, her focus lies in imparting advice and guidance to Human Risk leaders, equipping them with the skills to construct captivating communications using threat intelligence and emotion.
Insider Threat Awareness Program Lead
Sunette is an information security awareness specialist and is currently the Insider Threat Awareness Program Lead at Uber. Under her leadership, the program plays a key role in Uber’s security resilience strategy, helping employees to recognise and prevent potential insider threats through a robust education and awareness program.
Before Sunette joined Uber, she spent several years at Tesla as the Information Security Education and Awareness Lead, where she built the company’s first global data security awareness program from the ground up. Sunette holds a Master of Science degree in Biochemistry from the University of Stellenbosch in her home country of South Africa.
Sr. Information Security Awareness & Training Lead
Kathryn Glynn’s role at Kimberly-Clark is Sr. Information Security Awareness & Training Lead. Her undergrad is in Marketing and Information Technology and she holds a Master’s degree in Marketing. In her career she has held numerous positions that mix Marketing and IT together, and for the past 7 years she has been in Information Security, specifically focusing on securing the human. In her role she helps team members to not fear cyber-attacks but to feel empowered knowing they have the right tools to fight against them. People are not the problem; they are the solution. Educated, empowered people are your company’s best defense. Kathryn is an expert in analyzing, designing, developing, and implementing adult learning curriculum in a variety of multimedia formats that encourage employee growth and retention.
Risk Counsel
Jenny W. Hedderman Esq. is Risk Counsel from the Office of the Comptroller in Massachusetts. Attorney Hedderman specializes in compliance, internal controls and risk management in the areas of statewide accounting, payroll, financial reporting, and statewide financial audits for the 154 state agencies. Her current focus is developing the Comptroller’s Statewide Risk Management program, including cybersecurity, internal controls and cybersecurity awareness to reduce fraud and cyber incidents. Recent projects include the CTR Cyber Center website (macomptroller.org/ctr-cyber/) providing cybersecurity content, Cybersecurity Tips of the Week, CTR Cyber 5 (5-minute videos) and other internal controls to improve financial responsibility and protection of data, assets, and resources across the Commonwealth. Attorney Hedderman is Chair of the State Records Conservation Board and Secretary of the Essex Co-Operative Farming Association Board, as well as Adjunct Professor in Business Law at Endicott College.
Sr. Manager, Governance Risk and Compliance
As a dynamic Information Security and Risk Management Leader, he brings over 17 years of experience in managing cybersecurity projects and conducting incident response investigations. Throughout his career, he honed expertise in cybersecurity frameworks, threat detection, and risk management practices.
Currently pursuing his Doctoral degree at Colorado Technical University, his research focuses on cyber risk decision-making. His deep understanding of cybersecurity frameworks and compliance standards empowers him to apply principles of governance and compliance effectively to information security initiatives.
CISO
Rinki Sethi is the current vice president and chief information security officer at BILL, where she leads global information technology functions. She is also responsible for leading efforts to protect BILL’s information and technology assets and advise the company’s continued innovations in the security space.
Sethi brings decades of security and technology leadership expertise, including her recent roles as VP and CISO at Twitter and Rubrik, Inc. She has been at the forefront of developing cutting-edge online security infrastructure at several Fortune 500 companies such as IBM, Palo Alto Networks, Intuit, eBay, walmart.com, and PG&E. Sethi also serves on the board of ForgeRock, a global digital identity leader, and Data-In-Use Encryption leader Vaultree. She advises many other startups and VCs.
Principal Security Awareness
Nicole Thibault began a career in Security Awareness in 2013. Starting from the ground up (in so many ways) she built the foundation of a Security Awareness program at a large health care corporation. Now, ten years later in the tech industry, Nicole helps shift the mindset of employees and contractors to know security isn't something to be feared, and employees should turn to security for issues and concerns. Building a culture of personnel who report phishing emails and odd computer behavior is the starting point to employee empowerment.
Lead Partner, Cyber Security
Martijn specializes in cyber security, digital technology, and risk management. He has more than 20 years' experience leading large-scale cyber and technology risk transformations across the globe in financial services, large dotcoms, and critical national infrastructure. He's experienced in cyber risk strategy, implementation, and incident response for boards and the C-suite.
While on a career break from KPMG, Martijn set up and ran the European business for an Australian tech startup in London. During this time, Martijn gained hands-on experience in agile working, fast-paced digital transformation, and DevOps.
In January 2022, Martijn joined KPMG Australia. Previously, he was a partner in KPMG's London office, where he led the cyber security business for their largest corporate clients.
Living Security’s mission is to help prevent cybersecurity breaches with a human risk management solution that does more than meet compliance needs; it also truly changes behavior.